Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 27 Dec 2002 20:02:24 +0100
From:      Pawel Jakub Dawidek <nick@garage.freebsd.pl>
To:        freebsd-hackers@freebsd.org
Subject:   Login directly as root.
Message-ID:  <20021227190224.GA29966@prioris.mini.pw.edu.pl>

next in thread | raw e-mail | index | archive | help
Hello hackers...

I'm wondering why there is "insecure" options in /etc/ttys for virtual
consoles.
As we all know, "insecure" for ttyvX means that we can't directly log in
as root, but "insecure" for console field in /etc/ttys means only that
we will be asked  for root's password in single mode.
Hmm, if I got psyhical access to machine and ttyvX are in "insecure" mode
and I know root's password I can just reboot machine and log in as root.
So if "insecure" mode is a security feature, shouldn't this be in that
way (in single mode):

Login: <wheel group member>
Password: <wheel group member's password>
Root's password: <root's password>

?

-- 
Pawel Jakub Dawidek
UNIX Systems Administrator
http://garage.freebsd.pl
Am I Evil? Yes, I Am.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021227190224.GA29966>